package com.action;

import java.io.IOException;
import java.security.Principal;

import javax.annotation.Resource;
import javax.servlet.Servlet;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.struts2.ServletActionContext;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;

import com.base.BaseAction;
import com.domain.User;
import com.service.UserService;
import com.util.BOSContext;
import com.util.MD5Utils;


@Component(value="userAction")
@Scope(value="prototype")
public class UserAction extends BaseAction<User> {
	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	@Resource(name="userService")
	private UserService userService;
	private String checkcode;			//接受验证码
	
	public String login(){
		String code = (String) ServletActionContext.getRequest().getSession().getAttribute("key"); 			//获取生成的验证码
		checkcode=ServletActionContext.getRequest().getParameter("checkcode");
		if(StringUtils.isBlank(checkcode) || !checkcode.equals(code)){										//比较输入的验证码
		this.addActionError(this.getText("invalidateCode")); 					//设置错误信息,在资源文件中专门谢了个错误信息键值对
			return "fail";
		}else{
			Subject subject = SecurityUtils.getSubject();
			String username = model.getUsername();
			String password = MD5Utils.md5(model.getPassword());
			//交由安全管理器验证密码
			AuthenticationToken token = new UsernamePasswordToken(username,password);
			try{
				subject.login(token);//在安全管理器中进行验证
				//通过则将用户放在session中
				User user = (User) subject.getPrincipal();
				ServletActionContext.getRequest().getSession().setAttribute("user", user);
			}catch (Exception e) {
				this.addActionError("用户名或密码错误!");
				return "fail";
			}
		}
		return "success";
	}
	
	
	
	
	/*public String login(){
		String code = (String) ServletActionContext.getRequest().getSession().getAttribute("key"); 			//获取生成的验证码
		checkcode=ServletActionContext.getRequest().getParameter("checkcode");
		if(StringUtils.isBlank(checkcode) || !checkcode.equals(code)){										//比较输入的验证码
		this.addActionError(this.getText("invalidateCode")); 					//设置错误信息,在资源文件中专门谢了个错误信息键值对
			return "fail";
		}else{																	//验证码正确,再验证用户名
			System.out.println(model.getUsername()+"---"+model.getPassword());
			User user = userService.login(model);
			if(user!=null){
				ServletActionContext.getRequest().getSession().setAttribute("user", user); 	//将登录成功的用户名放入域中
				return "success";
			}else{
				this.addActionError(this.getText("loginFail"));					//写入错误信息.
				return "fail";
			}
		}
	}*/
	
	public String logout(){
		ServletActionContext.getRequest().getSession().invalidate();
		return "fail";
	}
	
	public String editPwd() throws IOException{
		System.out.println(model.getPassword());
		model.setId(BOSContext.getUser().getId());
		String flag = "1";
		try{
			userService.editPwd(model);
		}catch (Exception e) {
			flag="0";
		}
		ServletActionContext.getResponse().setContentType("text/html;charset=utf-8");
		ServletActionContext.getResponse().getWriter().print(flag);
		return NONE;
	}
}
